Fitness trackers, mobile apps shown to leak sensitive data

[grow_thumb image=”http://telecareaware.com/wp-content/uploads/2013/09/band1.jpg” thumb_width=”150″ /]An unnerving 35-page report published by Canadian nonprofit OpenEffect, assisted by the Citizen Lab at the Munk School of Global Affairs, University of Toronto, claims that leading fitness trackers and their corresponding mobile apps are veritable sieves of personal data, inviting security breaches. Where Hackermania Runs Wild starts with lack of Bluetooth LE privacy, allowing tracking via Bluetooth even when the tracker isn’t paired to a smartphone. Then many of the companion apps leaked login credentials, transmitted activity tracking information in a way that allowed interception or tampering, or allowed users (or others) to insert false activity tracking information. The trackers studied were the Basis Peak, Fitbit Charge HR, Garmin Vivosmart, Jawbone Up 2, Mio Fuse, Withings Pulse O2 and Xiaomi Mi Band. Notably the Apple Watch 2.0 was secure. The full report is titled dramatically “Every Step you Fake: A Comparative Analysis of Fitness Tracker Privacy and Security”. Security article, study in PDF, TheStar.com. Hat tip once again to Toni Bunting, former Northern Ireland Contributing Editor.

Our definitions

Telehealth and Telecare Aware posts pointers to a broad range of news items. Authors of those items often use terms 'telecare' and telehealth' in inventive and idiosyncratic ways. Telecare Aware's editors can generally live with that variation. However, when we use these terms we usually mean:

• Telecare: from simple personal alarms (AKA pendant/panic/medical/social alarms, PERS, and so on) through to smart homes that focus on alerts for risk including, for example: falls; smoke; changes in daily activity patterns and 'wandering'. Telecare may also be used to confirm that someone is safe and to prompt them to take medication. The alert generates an appropriate response to the situation allowing someone to live more independently and confidently in their own home for longer.

• Telehealth: as in remote vital signs monitoring. Vital signs of patients with long term conditions are measured daily by devices at home and the data sent to a monitoring centre for response by a nurse or doctor if they fall outside predetermined norms. Telehealth has been shown to replace routine trips for check-ups; to speed interventions when health deteriorates, and to reduce stress by educating patients about their condition.

Telecare Aware's editors concentrate on what we perceive to be significant events and technological and other developments in telecare and telehealth. We make no apology for being independent and opinionated or for trying to be interesting rather than comprehensive.